Threat & Incident Response Analyst

Threat and Incident Response Analyst
The Threat and Incident Response Analyst will be responsible for incident handling and response, threat hunting, threat intelligence processing, and data analytics related to cyber security. The analyst is responsible for the execution and optimization of these activities, in accordance with developed operating procedures, and with awareness of business operations and context.
What you'll be doing:

• Develop security content across a number of data sets that will support the objectives of identifying advanced cyber threat activities, intrusion detection, Incident Response, malware analysis, and cyber threat intelligence.
• Conduct cyber threat analysis, identification of mitigation and remediation courses of action, and develop of actionable intelligence for protecting assets.
• Develop and document processes and procedures to support security operations, including threat detection, case management, and Incident Response.
• Teach, mentor, and coach junior security analysts.
• Develop automation and enrichment capabilities using a variety of tools and capabilities. Be knowledgeable in scripting languages and API usage.
• Maintain a comprehensive understanding of the cyber threat landscape, including identifying and analyzing cyber threats actors and activities to enhance cybersecurity posture of the organization's IT operating environment.
• Utilize metrics and frameworks to demonstrate process optimization and analytical coverage.
• Lead cyber Incident Response actions to ensure proper assessment, containment, mitigation, and documentation in accordance with defined procedures.
• Research security enhancements and make recommendations.
• Facilitate the tuning and optimization of all analyst systems.
• Other duties as assigned.

What we're looking for:

• 1-2 years of relevant experience in cybersecurity.
• Experience with computer network penetration testing and techniques.
• Strong organizational, project management and process analysis skills.
• Ability to effectively work and interact with customers and team members.
• Ability to effectively manage multiple assignments and priorities.
• Ability to effectively communicate both orally and in writing.
• Understand relevant concepts and technologies: firewalls, proxies, SIEM, antivirus, IDS/IPS, DLP, NAC, EDR, etc.
• Demonstrated understanding of Incident Response, insider threat investigations, forensics, cyber threats, and information security.
• Ability to identify, prioritize, and discuss weaknesses, vulnerabilities, and remediation steps.
• Advanced technical knowledge of enterprise IT systems, operating systems, and networks.

Bonus Points:

• Experience in information technology or security desired.
• Experience with Microsoft security technologies

Education:

• Bachelor's degree required.
• Relevant security related certifications a plus: CISSP, GCIA, GSEC, GCIH, GCED, GCFA, GREM.

Travel:

• 10%

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)